Automated testing methods are generally used to test binary programs. For instance, binary programs may be tested using automated testing methods to discover potential vulnerabilities in the binary programs. Some automated testing methods generate random inputs to test the binary programs. One example of such automated testing methods is fuzz testing. Fuzz testing is guided by branch coverage, and generally involves testing of a binary program using random inputs to cause each branch of the binary program to execute. Fuzz testing provides for fast testing of binary programs. However, fuzz testing of a binary program may result in branches of the binary program not being covered or tested. Another example of such automated testing methods is symbolic execution. Symbolic execution is guided by path coverage, and generally involves analyzing a binary program to determine what inputs cause each path of the binary program to execute. Unfortunately, symbolic execution is many orders of magnitude slower than fuzz testing. In addition, symbolic execution may be susceptible to path explosion. Path explosion may occur when the binary program being tested includes too many paths to symbolically explore. Path explosion may result in an incomplete test of the binary program.
The subject matter claimed in the present disclosure is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one example technology area where some embodiments described in the present disclosure may be practiced.